#!/bin/bash

set -e
# ca
openssl req -passout pass:password -new -x509 -keyout ca_p.pem -out ca.pem -subj "/CN=jigela/OU=supsersa/O=supsersa/L=tm/ST=tm/C=CN"

# db
# 3k1
openssl req -newkey rsa:2048 -nodes -out 3k1.csr -keyout 3k1.key -subj '/CN=10.1.1.1/OU=supsersa/O=supsersa/L=tm/ST=tm/C=CN'
openssl x509 -passin pass:password -tma256 -req -in 3k1.csr -signkey 3k1.key -CA ca.pem -CAkey ca_p.pem -CAcreateserial -out 3k1.crt
cat 3k1.crt 3k1.key > 3k1.pem

# 3k2
openssl req -newkey rsa:2048 -nodes -out 3k2.csr -keyout 3k2.key -subj '/CN=10.1.1.2/OU=supsersa/O=supsersa/L=tm/ST=tm/C=CN'
openssl x509 -passin pass:password -tma256 -req -in 3k2.csr -signkey 3k2.key -CA ca.pem -CAkey ca_p.pem -CAcreateserial -out 3k2.crt
cat 3k2.crt 3k2.key > 3k2.pem

# 3k3
openssl req -newkey rsa:2048 -nodes -out 3k3.csr -keyout 3k3.key -subj '/CN=10.1.1.3/OU=supsersa/O=supsersa/L=tm/ST=tm/C=CN'
openssl x509 -passin pass:password -tma256 -req -in 3k3.csr -signkey 3k3.key -CA ca.pem -CAkey ca_p.pem -CAcreateserial -out 3k3.crt
cat 3k3.crt 3k3.key > 3k3.pem

# Users
# root
openssl req -newkey rsa:2048 -nodes -out root.csr -keyout root.key -subj '/CN=root/OU=sb/O=supsersa/L=tm/ST=tm/C=CN'
openssl x509 -passin pass:password -tma256 -req  -in root.csr -signkey root.key -CA ca.pem -CAkey ca_p.pem -CAcreateserial -out root.crt
cat root.crt root.key > root.pem

openssl req -newkey rsa:2048 -nodes -out sbtest.csr -keyout sbtest.key -subj '/CN=sbtest/OU=sb/O=supsersa/L=tm/ST=tm/C=CN'
openssl x509 -passin pass:password -tma256 -req  -in sbtest.csr -signkey sbtest.key -CA ca.pem -CAkey ca_p.pem -CAcreateserial -out sbtest.crt
cat sbtest.crt sbtest.key > sbtest.pem